我试过问this question关于 WCF,但我没有答案,所以我再次尝试一个更集中的问题。
谁能告诉我如何为 WCF 客户端创建自定义绑定(bind):
更新
不确定它是否有所作为,但我使用的是 .NET 4
另一个更新
如果有人有任何很棒的具体例子
最佳答案
我想我可以给一些指点。您将必须使用 WIF 才能使其正常工作。您要传递的用户名 token 将是已签名的 SAML token 。为了生成 SAML token ,WCF 示例附带了一个 STS 示例项目,您可以使用该示例项目。您的代码应如下所示:
//This class will use the STS WCF sample to generate the signed SAML token
var tm = new TokenManager();
var samlToken = tm.GetSamlToken(Username);
var cf2 = new ChannelFactory<IPingService>("WcfSamlOverMutualSsl");
cf2.Credentials.ClientCertificate.Certificate = clientCert;
cf2.ConfigureChannelFactory();
cf2.Open();
// this code will attach the SAML token to WCF service.
var proxy2 = cf2.CreateChannelWithIssuedToken(samlToken);
response = proxy2.Ping();
<customBinding>
<binding name="SamlOverMutualSsl">
<security defaultAlgorithmSuite="Default" authenticationMode="IssuedTokenOverTransport"
requireDerivedKeys="true" securityHeaderLayout="Strict" includeTimestamp="false"
keyEntropyMode="CombinedEntropy" messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10">
<issuedTokenParameters keyType="BearerKey" tokenType="">
<additionalRequestParameters>
<trust:SecondaryParameters xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
<trust:KeyType xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</trust:KeyType>
</trust:SecondaryParameters>
</additionalRequestParameters>
</issuedTokenParameters>
<localClientSettings cacheCookies="true" detectReplays="false"
replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite"
replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
<localServiceSettings detectReplays="false" issuedCookieLifetime="10:00:00"
maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
reconnectTransportOnFailure="true" maxPendingSessions="128"
maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
<secureConversationBootstrap />
</security>
<textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
messageVersion="Soap11" writeEncoding="utf-8">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
</textMessageEncoding>
<httpsTransport manualAddressing="false" maxBufferPoolSize="524288"
maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
bypassProxyOnLocal="false" decompressionEnabled="true" hostNameComparisonMode="StrongWildcard"
keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
useDefaultWebProxy="true" requireClientCertificate="true" />
</binding>
</customBinding>
<endpoint address="https://localhost/Ping/saml"
binding="customBinding" bindingConfiguration="SamlOverMutualSsl"
contract="SharedContracts.IPingService" name="WcfSamlOverMutualSsl" />
关于.net - 将支持 HTTPS、签名证书和签名用户名 token 的 WCF 自定义绑定(bind),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/7089780/